Responsibilities A client with Kforce is seeking a DevOps/Cloud Engineer (Virtualization Engineer) with deep expertise in secure system design, virtualization, and container orchestration. The ideal candidate will build containerized execution environments for off-chain validation of smart contract logic, employing advanced isolation techniques and runtime sandboxing configurations. This role focuses on enforcing secure boundaries, ensuring system containment, and managing high-assurance distributed systems within cloud-native and air-gapped environments. Key Responsibilities: • Implement containerized execution environments for off-chain smart contract validation with secure runtime enforcement • Design and maintain isolation diagrams and runtime sandbox configurations (seccomp, AppArmor, SELinux) • Build and manage secure virtualized infrastructures leveraging KVM, QEMU, Docker, Firecracker, and gVisor • Deploy and manage container orchestration platforms like Kubernetes with hardened security policies • Conduct threat modeling and implement isolation strategies aligned with zero-trust and air-gapped architectures • Collaborate with cross-functional teams in regulated industries (defense, finance, healthcare) to ensure compliance with security standards • Optimize system security and performance through deep knowledge of OS internals, kernel features, and hypervisor technologies Requirements • 7+ years of experience in virtualization, containerization, and secure OS-level sandboxing • Hands-on experience configuring and managing runtime sandboxes in Linux environments (seccomp, AppArmor, SELinux) • Proficiency with virtualization and container tools: KVM, QEMU, Docker, Firecracker, gVisor • Strong understanding of secure system design, threat modeling, and zero-trust principles • Experience in high-security or regulated sectors such as defense, finance, or healthcare • Expertise in container orchestration platforms, especially Kubernetes, with a focus on secure deployment • Deep understanding of OS internals, kernel security, and hypervisor mechanisms The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future. We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave. Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law. This job is not eligible for bonuses, incentives or commissions. Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.